When a user accesses an information system, data about that user may be collected. The collected user data may include account information, such as a name or credit card number, or other user information such as a purchase history or location history. The user data is stored in information technology systems that utilize technical measures to secure information such that it is only available to authorized parties. There are situations where a user may benefit from the sharing of his or her personal information, but it may be the case that the user's settings disallow such sharing.
For the World Wide Web (WWW), the World Wide Web Consortium (W3C) provides a platform for privacy preferences project (P3P) to enable websites to express their privacy practices in a standard format that can be retrieved automatically and interpreted easily by user agents. P3P user agents allow users to be informed of site practices (in both machine and human-readable formats) and to automate decision-making based on these practices when appropriate. Thus, users need not read the privacy policies at every site he or she visits.
For mobile devices, a personalized privacy assistant (PPA) for mobile application permissions has been created to allow mobile permission management of mobile applications that request permissions to access private data and resources. The PPA utilizes learned privacy profiles compiled from clusters of like-minded users which are used to recommend mobile application permission settings that users are likely to adopt. Following an initial recommendation on permission settings, users are motivated to further review and modify their settings with daily “privacy nudges.” Further information is available in the paper titled “Follow My Recommendations: A Personalized Privacy Assistant for Mobile App Permissions,” included in the Proceedings of the Twelfth Symposium on Usable Privacy and Security.
For social networks, U.S. Pat. No. 8,832,567 states that establishing privacy settings associated with user data shared by a user of a social networking service can include transmitting instructions to display a graphical user interface (GUI) that includes two or more privacy zones: a first privacy zone that is representative of a first set of privacy settings and a second privacy zone that is representative of a second set of privacy settings. The GUI can include a privacy setting icon that is representative of one or more social entities. User input can be received to define placement of the privacy setting icon within one of the first and second privacy zones. In response to placement of the privacy setting icon, one of the first set of privacy settings and the second set of privacy settings are assigned to the one or more social entities represented by the privacy setting icon.